What type of vulnerabilities are least likely to be detected by a vulnerability scanner?


Zero-day vulnerabilities are vulnerabilities that are not yet known to the software vendor or security community. Because they are new and have not yet been publicly disclosed or documented, vulnerability scanners, which rely on existing databases and signatures to identify issues, are unlikely to detect them. Scanners work from known vulnerabilities, so if a vulnerability has not been discovered or cataloged, the scanner will not flag it.

To further clarify: local vulnerabilities generally refer to issues that can be identified through local access to the system; service vulnerabilities are associated with specific applications or services running on it; and vulnerabilities requiring authentication usually need a user to be logged in before they can be assessed. All of these types exist in known threat models and can often be detected by scanners that are updated with the requisite information. Zero-day vulnerabilities, however, elude such detection because they have not yet been identified or cataloged.
